4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Application for RSA Primitives Validation.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncCopyright (c) 2010, Intel Corporation. All rights reserved.<BR>
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncThis program and the accompanying materials
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncare licensed and made available under the terms and conditions of the BSD License
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncwhich accompanies this distribution. The full text of the license may be found at
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncTHE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncWITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// RSA PKCS#1 Validation Data from OpenSSL "Fips_rsa_selftest.c"
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Public Modulus of RSA Key
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xBB, 0xF8, 0x2F, 0x09, 0x06, 0x82, 0xCE, 0x9C, 0x23, 0x38, 0xAC, 0x2B, 0x9D, 0xA8, 0x71, 0xF7,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x36, 0x8D, 0x07, 0xEE, 0xD4, 0x10, 0x43, 0xA4, 0x40, 0xD6, 0xB6, 0xF0, 0x74, 0x54, 0xF5, 0x1F,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xB8, 0xDF, 0xBA, 0xAF, 0x03, 0x5C, 0x02, 0xAB, 0x61, 0xEA, 0x48, 0xCE, 0xEB, 0x6F, 0xCD, 0x48,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x76, 0xED, 0x52, 0x0D, 0x60, 0xE1, 0xEC, 0x46, 0x19, 0x71, 0x9D, 0x8A, 0x5B, 0x8B, 0x80, 0x7F,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xAF, 0xB8, 0xE0, 0xA3, 0xDF, 0xC7, 0x37, 0x72, 0x3E, 0xE6, 0xB4, 0xB7, 0xD9, 0x3A, 0x25, 0x84,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Public Exponent of RSA Key
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaE[] = { 0x11 };
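4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Private Exponent of RSA Key (published OpenSSL FIPS self-test vector: this value is public, so the key pair is for known-answer testing only and must never protect real data)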
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaD[] = {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xA5, 0xDA, 0xFC, 0x53, 0x41, 0xFA, 0xF2, 0x89, 0xC4, 0xB9, 0x88, 0xDB, 0x30, 0xC1, 0xCD, 0xF8,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x3F, 0x31, 0x25, 0x1E, 0x06, 0x68, 0xB4, 0x27, 0x84, 0x81, 0x38, 0x01, 0x57, 0x96, 0x41, 0xB2,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x94, 0x10, 0xB3, 0xC7, 0x99, 0x8D, 0x6B, 0xC4, 0x65, 0x74, 0x5E, 0x5C, 0x39, 0x26, 0x69, 0xD6,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x87, 0x0D, 0xA2, 0xC0, 0x82, 0xA9, 0x39, 0xE3, 0x7F, 0xDC, 0xB8, 0x2E, 0xC9, 0x3E, 0xDA, 0xC9,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x7F, 0xF3, 0xAD, 0x59, 0x50, 0xAC, 0xCF, 0xBC, 0x11, 0x1C, 0x76, 0xF1, 0xA9, 0x52, 0x94, 0x44,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Known Answer Test (KAT) Data for RSA PKCS#1 Signing
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 RsaSignData[] = "OpenSSL FIPS 140-2 Public Key RSA KAT";
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Known signature over the SHA-1 digest of the above message (SHA-1 is part of this fixed test vector, not a recommendation for new signatures)
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, 0x4A, 0xFD, 0x1A, 0x05,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x55, 0x77, 0x90, 0xCF, 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, 0x20, 0x22, 0xBE, 0x59,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4
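4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync// Default public exponent (E) 0x10001 = 65537, compared against the RsaKeyE value read back after RsaGenerateKey is called with no exponent supplied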
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncGLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DefaultPublicKey[] = {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Validate UEFI-OpenSSL RSA Interfaces.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_SUCCESS Validation succeeded.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_ABORTED Validation failed.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Generate & Initialize RSA Context
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Set/Get RSA Key Components
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Set/Get RSA Key N
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Set/Get RSA Key E
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Clear/Get RSA Key Components
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Clear/Get RSA Key N
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Clear/Get RSA Key E
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Generate RSA Key Components
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaGenerateKey (Rsa, RSA_MODULUS_LENGTH, NULL, 0);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync CompareMem (KeyBuffer, DefaultPublicKey, 3) != 0) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Check invalid RSA key components
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyN, KeyBuffer, KeySize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // SHA-1 Digest Message for PKCS#1 Signature
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = Sha1Update (Sha1Ctx, RsaSignData, AsciiStrLen (RsaSignData));
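4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Generate the RSA PKCS#1-encoded signature (the first call passes a NULL buffer so that SigSize receives the required signature length)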
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaSetKey (Rsa, RsaKeyD, RsaD, sizeof (RsaD));
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, NULL, &SigSize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, Signature, &SigSize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync if (CompareMem (Signature, RsaPkcs1Signature, SigSize) != 0) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Verify RSA PKCS#1-encoded Signature
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = RsaPkcs1Verify (Rsa, HashValue, HashSize, Signature, SigSize);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Release Resources